IETF Logo Mail Archive

Re: [Perc] Request for decision review

"Paul E. Jones" <paulej@packetizer.com> Mon, 16 May 2016 21:47 UTC

Return-Path: <paulej@packetizer.com>
X-Original-To: perc@ietfa.amsl.com
Delivered-To: perc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 51F5B12D51C for <perc@ietfa.amsl.com>; Mon, 16 May 2016 14:47:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.428
X-Spam-Level:
X-Spam-Status: No, score=-3.428 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-1.426, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=packetizer.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nQcmvsYC3JOL for <perc@ietfa.amsl.com>; Mon, 16 May 2016 14:47:47 -0700 (PDT)
Received: from dublin.packetizer.com (dublin.packetizer.com [75.101.130.125]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7484C12B04A for <perc@ietf.org>; Mon, 16 May 2016 14:47:47 -0700 (PDT)
Received: from [192.168.1.20] (cpe-098-122-181-215.nc.res.rr.com [98.122.181.215] (may be forged)) (authenticated bits=0) by dublin.packetizer.com (8.15.2/8.15.2) with ESMTPSA id u4GLljDF018644 (version=TLSv1 cipher=ECDHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 16 May 2016 17:47:45 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=packetizer.com; s=dublin; t=1463435266; bh=FlaJmCGmpmEbBS2fDrEoOB+mnrgpx+EDAPpqVwWFhN0=; h=From:To:Subject:Date:In-Reply-To:Reply-To; b=TJz5kpUjQTsxSaNoI7bS68/wJBN3mRfqE9eeIVhpYNE6ee0HIYNo1/0HV2zxqR8Tu ktMhsINVcZlNQfwHIO1I6YWpnRmQt+Py7cH6WXCZpMEbHqaWen+acieT4qXqKT7TVg JnSE3+WgR492d1/SEUXf+/Wiu+qp/kVXXv8y4m6o=
From: "Paul E. Jones" <paulej@packetizer.com>
To: Emil Ivov <emcho@jitsi.org>, Adam Roach <adam@nostrum.com>, perc@ietf.org
Date: Mon, 16 May 2016 21:47:52 +0000
Message-Id: <embf772d31-22be-4f64-b05f-67e7b89e4d81@sydney>
In-Reply-To: <eb637d6a-b3f8-b5f2-9a9e-da20dfb9b3b8@jitsi.org>
User-Agent: eM_Client/6.0.24928.0
Mime-Version: 1.0
Content-Type: text/plain; format="flowed"; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.5.16 (dublin.packetizer.com [10.137.60.122]); Mon, 16 May 2016 17:47:46 -0400 (EDT)
Archived-At: <http://mailarchive.ietf.org/arch/msg/perc/oVyk6iVsMLi3W7UBpi-6mrUkHqs>
Subject: Re: [Perc] Request for decision review
X-BeenThere: perc@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
Reply-To: "Paul E. Jones" <paulej@packetizer.com>
List-Id: Privacy Enhanced RTP Conferencing <perc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perc>, <mailto:perc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/perc/>
List-Post: <mailto:perc@ietf.org>
List-Help: <mailto:perc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perc>, <mailto:perc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 16 May 2016 21:47:49 -0000

Emil,

>The second problem mentioned by Cullen on May 10 is the one about 
>splicing that's also described here:
>https://tools.ietf.org/html/draft-mattsson-perc-srtp-cloud-01#section-7.2.4
>
>This can be resolved by simply having an rtp-hdrext attached and signed 
>by the sender that carries the original SSRC. That part will not be 
>allowed to change and needs to be copied over by the MDD/SFU together 
>with the rests of the immutable parts.

I don't think there is even an additional signing process required.  The 
sender of the packet will encrypt the packet containing the original 
SSRC value, with the authentication including that SSRC field.  If the 
MDD preserves that value in the OHB (described in the "double" draft), 
then the receiving endpoint could restore the original SSRC value in the 
packet header before attempting to decrypt.  If the wrong SSRC is 
provided, the packet will fail authentication.

Having two SSRC numbering spaces that can overlap is unfortunate, 
though.  Using libraries like libsrtp, we would need to have an E2E 
context and a HBH context.  That is, we have to initialize the library 
twice, because every SSRC and related cryptograhic parameters, replay 
database, etc. expects a single number space.  Thus, to decrypt a packet 
we would have to do this:

     srtp_unprotect(hbh_context, packet);
     do_perc_stuff(packet);  // Such as dealing with the OHB field
     srtp_unprotect(e2e_context, packet);
We could hide that extra step by having the library create the second 
context under-the-covers or creating a wrapper layer around libsrtp (or 
whatever SRTP library is employed).  If we did not create overlapping 
number spaces, this could be avoided.

I personally think having overlapping number spaces is messy.  And for 
what?  I still fail to see how performing a 1:1 mapping of an SSRC value 
does anything to make building the MDD any easier.  In fact, I see it as 
just more complexity.  And, it's more complexity for the endpoint (as I 
note above), juggling E2E and HBH SSRC values.

Paul

v2.23.0 | Report a Bug | By Email